This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft File: nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft (raw, json) Hash identifier: cGHSTvG1E1z/WT38ygAU8g4DU7Qwv3uWPGEC/TkwgcY= Subject key identifier: B9:F3:2D:98:04:88:21:C9:74:40:D5:F8:96:29:F3:F7:B6:90:FA:42 Authority key identifier: 9D:75:CF:6C:60:19:F0:59:E4:65:E4:DE:B2:04:CD:24:2B:D4:B4:65 Certificate issuer: /CN=9d75cf6c6019f059e465e4deb204cd242bd4b465 Certificate serial: 019BF72D93ECDF1F9F48AED44E8B9D255246 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nXXPbGAZ8FnkZeTesgTNJCvUtGU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft Manifest number: 140B Signing time: Sun 25 Jan 2026 22:01:57 +0000 Manifest this update: Sun 25 Jan 2026 22:01:57 +0000 Manifest next update: Mon 26 Jan 2026 22:01:57 +0000 Files and hashes: 1: _3hDeG2_gP2OF_kOwQ_-RVY6AGk.roa (hash: MhtbxEEzpA8s8MGWNiwEnIVTeslC4E8X2PXN0HorBxY=) 2: nXXPbGAZ8FnkZeTesgTNJCvUtGU.crl (hash: iuVv6vknohwaIgmFSQ+nT/IQBKCpzpdGXXHLSf9IbYw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.crl rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft rsync://rpki.ripe.net/repository/DEFAULT/nXXPbGAZ8FnkZeTesgTNJCvUtGU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f7:2d:93:ec:df:1f:9f:48:ae:d4:4e:8b:9d:25:52:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d75cf6c6019f059e465e4deb204cd242bd4b465 Validity Not Before: Jan 25 22:01:57 2026 GMT Not After : Jan 26 22:01:57 2026 GMT Subject: CN=b9f32d98048821c97440d5f89629f3f7b690fa42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:9a:ca:2e:a2:62:2f:73:68:1a:6c:81:76:ac: 70:17:18:2f:ad:e5:62:ee:67:91:36:b8:d9:2f:b9: fe:68:56:c9:41:2e:d5:53:bd:c8:be:1f:a3:5f:c4: 45:2f:09:9e:28:31:39:35:e1:0a:42:5a:3e:22:59: bf:1b:ee:e0:2f:7f:1c:6e:0e:e7:74:1f:bb:1e:78: 25:7f:16:b7:34:e6:21:86:1a:d0:e2:2a:4a:ed:6e: d7:c8:a1:c7:ed:fd:88:aa:48:de:5c:41:12:92:9a: 2e:80:eb:1a:92:9d:94:61:4f:40:0d:7e:dc:fc:e2: c5:8b:c4:6a:e5:9a:c0:99:cf:f1:4e:56:db:79:d2: 03:0d:0a:d2:dc:0a:d6:ae:fe:7a:9d:0e:fb:a1:2e: 55:bc:3d:ce:9e:bf:54:74:66:e2:a3:50:cb:fa:4d: 5c:49:37:47:35:7a:8a:35:05:b7:a1:22:a8:ea:71: d7:f4:13:bc:68:b0:4f:33:b5:b1:9c:86:86:e7:1d: b0:e3:d7:07:5b:57:2a:f2:67:30:90:c9:52:88:57: 58:34:2b:31:21:a1:77:c6:0b:e4:1d:d7:53:1e:56: 48:ed:35:89:a8:1f:97:91:95:1c:de:2c:92:69:3e: b8:0d:20:6e:71:a2:93:73:aa:67:64:0c:6e:ae:79: 1b:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:F3:2D:98:04:88:21:C9:74:40:D5:F8:96:29:F3:F7:B6:90:FA:42 X509v3 Authority Key Identifier: keyid:9D:75:CF:6C:60:19:F0:59:E4:65:E4:DE:B2:04:CD:24:2B:D4:B4:65 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nXXPbGAZ8FnkZeTesgTNJCvUtGU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d04f1b-074c-495e-a431-76b1ae62f072/1/nXXPbGAZ8FnkZeTesgTNJCvUtGU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:aa:68:d6:1d:e6:2e:21:63:c8:de:b2:5c:47:d7:45:56:07: 40:81:9d:58:3b:b2:4b:ee:2c:e7:4c:f5:e6:5a:5b:14:e8:8f: 20:35:0f:48:4a:b8:9f:5d:31:c4:13:f4:3c:89:d9:26:ac:31: 3c:e5:b7:ab:17:5e:a8:c7:a8:f8:ba:07:04:4f:d8:63:ae:ec: aa:04:12:2f:35:c3:ac:d7:18:9c:a1:dd:20:aa:b5:9d:cd:33: bd:d3:64:8c:f5:25:c1:f0:e4:e9:c6:42:59:ca:e5:c7:48:89: 5b:ef:37:0d:cd:d5:df:7e:fb:7d:d9:a4:1b:fc:4d:59:02:6b: 81:34:29:79:99:14:89:08:80:0a:57:4a:18:e4:fc:09:46:fc: 68:aa:30:14:35:39:77:79:73:4d:4d:54:52:88:81:21:a1:fa: 0f:01:1d:54:8d:df:3e:de:44:cb:2c:2c:27:3a:5e:b1:33:c0: 56:47:1e:35:21:47:45:ef:98:df:56:c3:de:29:1d:f0:55:df: fd:22:76:6c:90:c0:90:5a:60:d0:43:f3:c0:ba:95:f3:c0:c5: 56:e2:8a:a6:32:6e:9d:3c:e0:12:38:a8:16:37:9a:93:12:cf: a9:63:f0:65:68:f2:90:83:b5:1e:ec:95:11:7b:2c:e2:88:ce: 3c:d4:68:2f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZv3LZPs3x+fSK7UToudJVJGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkNzVjZjZjNjAxOWYwNTllNDY1ZTRkZWIyMDRjZDI0MmJk NGI0NjUwHhcNMjYwMTI1MjIwMTU3WhcNMjYwMTI2MjIwMTU3WjAzMTEwLwYDVQQD EyhiOWYzMmQ5ODA0ODgyMWM5NzQ0MGQ1Zjg5NjI5ZjNmN2I2OTBmYTQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5rKLqJiL3NoGmyBdqxwFxgvreVi 7meRNrjZL7n+aFbJQS7VU73Ivh+jX8RFLwmeKDE5NeEKQlo+Ilm/G+7gL38cbg7n dB+7Hnglfxa3NOYhhhrQ4ipK7W7XyKHH7f2IqkjeXEESkpougOsakp2UYU9ADX7c /OLFi8Rq5ZrAmc/xTlbbedIDDQrS3ArWrv56nQ77oS5VvD3Onr9UdGbio1DL+k1c STdHNXqKNQW3oSKo6nHX9BO8aLBPM7WxnIaG5x2w49cHW1cq8mcwkMlSiFdYNCsx IaF3xgvkHddTHlZI7TWJqB+XkZUc3iySaT64DSBucaKTc6pnZAxurnkbVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLnzLZgEiCHJdEDV+JYp8/e2kPpCMB8GA1UdIwQY MBaAFJ11z2xgGfBZ5GXk3rIEzSQr1LRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblhYUGJHQVo4Rm5rWmVUZXNnVE5KQ3ZVdEdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9kMDRmMWItMDc0Yy00OTVlLWE0MzEt NzZiMWFlNjJmMDcyLzEvblhYUGJHQVo4Rm5rWmVUZXNnVE5KQ3ZVdEdVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My9kMDRmMWItMDc0Yy00OTVlLWE0MzEtNzZiMWFlNjJmMDcy LzEvblhYUGJHQVo4Rm5rWmVUZXNnVE5KQ3ZVdEdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaqpo1h3m LiFjyN6yXEfXRVYHQIGdWDuyS+4s50z15lpbFOiPIDUPSEq4n10xxBP0PInZJqwx POW3qxdeqMeo+LoHBE/YY67sqgQSLzXDrNcYnKHdIKq1nc0zvdNkjPUlwfDk6cZC Wcrlx0iJW+83Dc3V3377fdmkG/xNWQJrgTQpeZkUiQiACldKGOT8CUb8aKowFDU5 d3lzTU1UUoiBIaH6DwEdVI3fPt5EyywsJzpesTPAVkceNSFHRe+Y31bD3ikd8FXf /SJ2bJDAkFpg0EPzwLqV88DFVuKKpjJunTzgEjioFjeakxLPqWPwZWjykIO1HuyV EXss4ojOPNRoLw== -----END CERTIFICATE-----Generated at Mon Jan 26 04:00:07 2026 by rpki-client